Legal Due Diligence Checklist for Indian Startups: What Investors actually check

Every founder who has been through a funding round remembers the moment the investor’s lawyer sends the DD checklist. It lands in your inbox as a forty-item spreadsheet and your first instinct is to start pulling documents. That instinct is correct, but it is only half the picture. Legal due diligence is not a document collection exercise. It is a structured investigation with a defined output: a findings memo that feeds directly into the term sheet’s Conditions Precedent and ultimately into Schedule A of your Shareholders’ Agreement. Understanding what investors are looking for in each category, and what they do with what they find, changes how you prepare and changes the terms you end up signing.

How legal due diligence fits into the funding process

Legal DD does not begin when a founder decides to raise. It begins when a term sheet is signed. Understanding the three phases tells you which one actually determines your deal outcome.

Phase 1: Preliminary scan (pre-term-sheet)

Before committing to a term sheet, most institutional investors run a light scan. They check MCA filings for the company, look at the cap table on paper, verify DPIIT recognition status if applicable, and do a basic Google search on founders and directors. This phase takes two to five days and its purpose is to identify existential issues, not to conduct a thorough review. If something breaks a deal at this stage it is usually a corporate structure issue or an undisclosed director disqualification.

Phase 2: Full legal DD track (post-term-sheet)

This is the phase that matters. The investor engages a law firm, which runs a parallel track alongside financial and commercial DD. The legal track covers six workstreams: corporate and governance, cap table and securities, contracts and obligations, intellectual property, regulatory compliance, and litigation. Each workstream ends with a findings memo. These memos are aggregated and presented to the investor’s investment committee. Every finding is classified as either a closing condition (must be fixed before funds transfer), a disclosure item (disclosed and accepted by investor), or a noted risk (acknowledged but not a blocker).

Phase 3: Closing conditions and documentation

Legal DD findings that become closing conditions show up in the SHA/SSA as Conditions Precedent. The Disclosure Schedule to the SHA captures everything the founder has disclosed and the investor has accepted. Any item that was not disclosed but surfaces later is a breach of representation and warranty, which can trigger indemnification obligations. This is why experienced founders over-disclose rather than under-disclose.

DD timeline by funding stage

Stage	Typical duration	Legal DD depth
Angel / Pre-Seed	1 to 2 weeks	Basic corporate records, founders’ agreement, cap table
Seed	2 to 4 weeks	Corporate, cap table, key contracts, IP ownership, basic FEMA check
Series A	4 to 6 weeks	Full legal track across all six workstreams
Series B and above	6 to 10 weeks	Institutional-grade review, 90 to 120 documents, third-party reference checks

Corporate records and statutory registers

The first workstream in any legal DD is the corporate records review. Investors are checking two things: that the company exists and is properly governed, and that the statutory records match what the founder has represented.

The core documents requested are the Certificate of Incorporation, Memorandum of Association (MOA) and Articles of Association (AOA) including all amendments filed with the Ministry of Corporate Affairs (MCA), SPICe+ incorporation filings, all board resolutions from incorporation to date, all general meeting resolutions, the statutory registers maintained under Sections 88 to 92 of the Companies Act 2013, and the last three years of annual returns filed in Form MGT-7.

The investor’s lawyer is not just checking that these documents exist. They are checking that the board resolutions authorising each material event (an allotment, an ESOP grant, a key contract, a change in registered office) are present, properly passed, and filed with the MCA where required. A board resolution that authorised a share allotment in 2021 but was never filed as Form MGT-14 is a governance gap. It does not automatically kill a deal but it creates a Condition Precedent to ratify and file before closing.

Statutory registers under Section 88 (register of members), Section 170 (register of directors and key managerial personnel), and the register of charges under Section 85 must be current. Discrepancies between the register of members and the allotment filings on MCA are one of the most common findings in a Series A legal DD and are always treated as a closing condition.

What investors check: corporate records

Document	Section / form	What a gap triggers
Certificate of Incorporation	Companies Act 2013	Deal pause pending verification
MOA / AOA with all amendments	Section 4, 5 Companies Act 2013	Object clause reviewed for business compatibility
All board resolutions	Section 117 Companies Act 2013	Each unresolved gap = one Condition Precedent
Annual returns MGT-7	Section 92 Companies Act 2013	Late filings flagged as governance risk
Statutory registers	Sections 85, 88, 170 Companies Act 2013	Discrepancy with MCA = closing condition
Director DIN and disqualification check	Section 164 Companies Act 2013	Director disqualification = deal-breaker

Cap table, securities history, and angel tax legacy

The cap table workstream is where most rounds slow down. The investor’s lawyer reconciles the cap table against four independent sources: PAS-3 filings on MCA for every allotment, physical or digital share certificates, board and shareholder resolutions authorising each allotment, and the register of members. If these four do not reconcile to the same number for every shareholder, the round cannot close until they do.

What investors check in the cap table workstream

Every allotment of equity shares, Compulsorily Convertible Preference Shares (CCPS), Compulsorily Convertible Debentures (CCDs), SAFEs, or convertible notes must have a corresponding Form PAS-3 filed with the MCA within 15 days of allotment under Section 39 of the Companies Act 2013. Stamp duty on share certificates must have been paid at the time of issuance. The investor’s lawyer checks the stamp paper dates and amounts. Backdated or unstamped certificates are a red flag because they raise enforceability questions about the allotment itself.

Shareholder approvals for each allotment must be on record. A preferential allotment under Section 62(1)(c) requires a special resolution passed at a general meeting. If a CCPS allotment to an early angel investor was done without the required special resolution, it creates a defect in title that must be cured before the new investor takes shares in the same class.

The angel tax legacy issue (Section 56(2)(viib))

Section 56(2)(viib) of the Income Tax Act 1961, the provision commonly called angel tax, was removed for DPIIT-recognised startups from 01 April 2024 under the Finance Act 2024. The removal applies prospectively. Any allotment to an Indian resident investor made before 01/04/2024 without a Rule 11UA valuation report creates a legacy tax exposure. The investor at the new round will raise this as a closing condition because the valuation gap creates a potential tax liability on the company or the earlier investor that could affect the new round’s pricing. A retrospective valuation from a registered valuer and a legal opinion resolves it, but it adds two to four weeks to the timeline if not prepared in advance.

ESOP pool in the cap table

The ESOP pool on the cap table must match the scheme document and the total grants issued. Granted but unvested options must be disclosed separately from vested-but-unexercised options, and both must be reconciled to the PAS-3 filings for exercised options. A cap table that shows a 10% ESOP pool but has no EGM resolution authorising it is a common finding at Series A. See the ESOP section below for the full compliance checklist.

Contracts and commercial agreements

The contracts workstream is wide. Investors look at six categories of agreements, in order of materiality.

Founders’ agreement

This is the first document reviewed. Investors check for vesting schedules on founder equity (standard is a four-year vest with a one-year cliff), IP assignment from each founder to the company, non-compete and non-solicitation clauses, exit and buyback mechanics, and good leaver / bad leaver definitions. A founders’ agreement that is missing the IP assignment clause is a significant finding because it creates ambiguity over who owns the core technology or product if a founder leaves. This is covered in the IP section below but originates in the founders’ agreement.

Employment contracts

Every employee above a threshold (typically all full-time employees in a Series A review) must have a signed appointment letter or employment agreement. The investor’s lawyer checks for IP assignment and work-for-hire clauses, non-disclosure obligations, non-compete restrictions (note: blanket non-competes are unenforceable in India under Section 27 of the Indian Contract Act 1872, so the drafting matters), and confidentiality terms. Offer letters issued without IP assignment clauses are common at early stage and create an IP ownership gap.

Key customer and revenue contracts

Top five to ten customer agreements are reviewed. Investors look for change-of-control clauses that would allow a customer to terminate on a funding event or acquisition, auto-renewal terms, payment terms and whether receivables are genuinely earned, exclusivity obligations that restrict the company’s ability to serve competing clients, and liability caps. A customer contract with an uncapped liability clause in a B2B SaaS startup is a negotiation issue at Series A.

Vendor and third-party agreements

Material vendor contracts, technology agreements, and payment gateway agreements are reviewed for similar change-of-control issues and assignment restrictions. A key vendor contract that cannot be assigned without the vendor’s consent creates a risk in any future M&A scenario.

NDAs

The investor checks that NDAs are in place with all parties who have had access to confidential information, including potential investors from prior rounds, strategic partners, and senior candidates interviewed for roles. Missing NDAs with parties who have seen the cap table, product roadmap, or financial model are flagged.

Lease and premises agreements

Office lease agreements must be valid, registered where required under the Registration Act 1908 (leases above 11 months typically require registration), and free from restrictive covenants. The investor also checks that rent is current and there are no notices from the landlord.

Intellectual property ownership

Investors in technology-led startups treat IP as a valuation input, not just a compliance box. The question they are asking is not “is it registered” but “does the company unambiguously own it.”

The ownership chain

For every piece of IP that is material to the business, the investor’s lawyer traces ownership from creation to the company. For software, this means checking that every developer who wrote production code (including contractors, freelancers, and co-founders before incorporation) has signed an IP assignment agreement transferring all rights to the company. For product designs, the same logic applies to design consultants. An IP assignment that was never executed, or was executed after the relevant work was completed, creates a defect that is difficult to cure retrospectively if the person has left.

Registration status

IP category	Registry	Relevant law	What investors check
Trademark	Trade Marks Registry	Trade Marks Act 1999	Application filed, objections pending, classes covered
Patent	Indian Patent Office	Patents Act 1970	Provisional vs complete specification, grant status, ownership
Copyright	Copyright Office (optional)	Copyright Act 1957	Ownership chain more than registration status
Domain and brand	ICANN / registrar	IT Act 2000	Registered in company name, not personal name

A trademark that is filed in a founder’s personal name and not assigned to the company is a closing condition. Domain names registered in a founder’s personal Gmail account rather than a company account are flagged as a governance issue.

Open source and third-party software licences

Technology startups are checked for open source licence compliance. Use of GPL-licensed components in commercial software can create a licence contagion issue. Investors at Series A increasingly ask for a software composition analysis or at minimum a declaration of open source components used and the applicable licences.

Regulatory and sector-specific compliance

Every startup operates under at least two regulatory regimes: the base corporate law regime and the sector-specific regime for its industry. Both are checked.

DPIIT recognition

DPIIT recognition under the Startup India scheme unlocks Section 80-IAC tax exemption (three consecutive years out of ten from incorporation), angel tax exemption under Section 56(2)(viib) (prospectively from 01/04/2024), and self-certification under six labour laws. Investors check the recognition certificate, that the startup is within the ten-year and ₹100 crore turnover limits, and that the annual self-certification filings are current. A DPIIT-recognised startup that has crossed the turnover threshold but has not updated its status creates a false representation risk.

Sector-specific licences

Missing or lapsed licences that are material to the business are treated as closing conditions.

Sector	Key licences and registrations	Regulator
Fintech / lending	NBFC registration, payment aggregator authorisation	RBI
Healthtech / diagnostics	Clinical Establishments Act registration, drug licence	State health authority / CDSCO
Edtech	None mandatory at present, but check UGC norms if degree-linked	UGC
Foodtech / D2C food	FSSAI licence	FSSAI
Import / export	Import Export Code (IEC)	DGFT
Environment-impacting manufacturing	Environmental clearance, Consent to Operate	MoEFCC / SPCB
Insurance distribution	IRDAI registration	IRDAI

GST and income tax registration

GST registration is mandatory where turnover exceeds ₹20 lakh (₹10 lakh for special category states) under the Central Goods and Services Tax Act 2017. Tax Deduction and Collection Account Number (TAN) must be obtained and TDS must be deducted and deposited correctly on salary, contractor payments, and rent. Investors check that GST returns are filed and that TDS challans reconcile to the TDS returns. Arrears or notices from the tax department are disclosed in the litigation section.

FEMA and RBI compliance

This is the section that trips up the largest number of startups at Series A because almost every growth-stage company has received some foreign investment, but few have tracked their FEMA filings systematically.

Foreign Exchange Management Act (FEMA) 1999 applies from the first rupee of foreign investment. The Foreign Exchange Management (Non-Debt Instruments) Rules 2019 govern the reporting obligations on every foreign investment event.

Form FC-GPR

Any startup that has received Foreign Direct Investment (FDI) through issue of equity shares, CCPS, or CCDs to a non-resident must file Form FC-GPR with the Authorised Dealer (AD) bank within 30 days of the date of allotment. The AD bank forwards the filing to the Reserve Bank of India (RBI). A late or missing FC-GPR is a compoundable offence under FEMA. Penalties under Section 13 of FEMA can be compounded at up to 300% of the transaction amount, though practical compounding orders for technical delays on FC-GPR are typically a fraction of that ceiling. Investors check FC-GPR compliance without exception because a missing filing creates an RBI liability that the company carries into the new round.

Annual Return on Foreign Liabilities and Assets (FLA)

Any company with outstanding foreign investment or overseas direct investment must file the FLA return with the RBI by 15 July of each financial year. This is a mandatory RBI filing under FEMA. A missing FLA return is treated as a serious governance gap by investors because it signals that the company has been managing regulatory compliance reactively. The FLA return is checked against the FC-GPR history to verify that all foreign investment is properly captured.

Form FC-TRS

If any existing non-resident investor has sold shares to a resident or to another non-resident, Form FC-TRS must be filed within 60 days of the transfer. Secondary share sales in angel rounds without FC-TRS filings are a common finding.

Key FEMA checklist items

• FC-GPR filed for every foreign investment allotment within 30 days
• FLA annual return filed for every FY where outstanding foreign investment exists, by 15 July
• FC-TRS filed for all secondary transfers involving non-residents
• Pricing guidelines complied with: FDI pricing must not be less than fair market value under Rule 11UA for unlisted companies
• Sectoral caps and prohibited sectors verified (FDI policy, updated periodically by DIPP/DPIIT)
• AD bank correspondence on record

ESOP compliance

ESOPs sit at the intersection of corporate law, tax law, and employment law. Investors treat the ESOP compliance workstream as a standalone category because gaps here are extremely common and the consequences range from tax liability to employee disputes.

Corporate law compliance

An ESOP scheme must be approved by the shareholders through a special resolution under Section 62(1)(b) of the Companies Act 2013. The resolution must be filed as Form MGT-14 with the MCA within 30 days. Many early-stage startups issue ESOP grant letters without the underlying special resolution because the scheme was set up informally. Every such grant is technically unauthorised. Investors treat this as a closing condition requiring ratification.

The ESOP scheme document itself must specify the exercise price, vesting schedule, the total pool size (as a percentage of fully diluted equity), and the treatment of options on termination, resignation, and death.

Tax compliance on ESOPs

ESOPs are taxed at two points under the Income Tax Act 1961. At exercise, the difference between the Fair Market Value (FMV) on the date of exercise and the exercise price is taxed as a perquisite under Section 17(2)(vi), and the employer must deduct TDS on this amount. At sale, the gain is taxed as capital gains. DPIIT-recognised startups are eligible for deferral of the perquisite tax at exercise for a period of up to 48 months from the end of the FY of exercise, or until the employee leaves, or until the shares are sold, whichever is earlier, under Section 192(1C) of the Income Tax Act 1961.

Investors check that TDS was correctly deducted on exercised options, that perquisite values were computed at FMV using the prescribed methodology (Rule 3(8) for unlisted shares, using a Category I merchant banker valuation), and that Form 12BA was issued to exercising employees.

ESOP compliance checklist

• Special resolution for ESOP pool under Section 62(1)(b) filed as MGT-14
• ESOP scheme document with all required terms
• Individual grant letters for every optionee with exercise price, vest date, and expiry
• Vesting schedule and cliff documented per grant
• PAS-3 filed for every batch of exercised options converted to shares
• FMV valuation report from registered valuer for each exercise event
• TDS deducted and deposited on perquisite at exercise
• Form 12BA issued to employees who have exercised

Labour law and POSH Act compliance

Labour law compliance is one of the most underestimated areas in legal DD. Treelife regularly finds labour law gaps even in well-organised startups because the applicability thresholds change with headcount and founders do not always track them.

Key labour law thresholds

Law	Applicability threshold	Key compliance
Employees’ Provident Funds and Miscellaneous Provisions Act 1952	20 or more employees	PF registration, monthly contributions, ECR filing
Employees’ State Insurance Act 1948	10 or more employees (in notified areas)	ESIC registration, monthly contributions
Maternity Benefit Act 1961	10 or more employees	Policy, paid leave, creche facility above 50 employees
Shops and Establishments Act	All commercial establishments (varies by state)	Registration, working hours, leave policy
Professional Tax	Varies by state	Employer registration, monthly deduction from salary

Investors check PF and ESIC registration certificates, monthly ECR filings for the last 12 months, and that the contribution amounts reconcile to the payroll. Arrears on PF contributions are a closing condition because they attract interest under Section 7Q of the EPF Act at 12% per annum and damages under Section 14B that can run to the same amount again.

POSH Act compliance

The Prevention of Sexual Harassment of Women at Workplace (Prevention, Prohibition and Redressal) Act 2013 (POSH Act) requires every employer with 10 or more employees to constitute an Internal Complaints Committee (ICC). The ICC must submit an annual report to the District Officer by 31 January each year. Non-compliance carries a penalty of ₹50,000 under Section 26 of the POSH Act, and repeated non-compliance can result in cancellation of the business licence. Investors ask for the ICC constitution order, the most recent annual report submission, and confirmation that at least one external member is on the ICC. This is a live closing condition in a significant number of Series A transactions where the founding team has been focused on growth and overlooked the annual reporting obligation.

DPDPA 2023 and data compliance

The Digital Personal Data Protection Act 2023 (DPDPA) is not yet fully enforced. The Rules under the Act were notified in January 2025 and the enforcement date is expected in FY2026. Investors are already treating DPDPA readiness as a legal DD item, particularly for B2C startups, SaaS companies processing customer data, and healthtech or edtech platforms with significant user bases.

What investors check for DPDPA readiness

• Privacy policy updated to reflect DPDPA 2023 language on consent, purpose limitation, and data principal rights
• Consent mechanism on the product: active and explicit opt-in, no pre-checked boxes, consent for each processing purpose separate
• Data processor agreements (DPA) in place with third-party vendors who process personal data on the company’s behalf
• Data retention and deletion policy documented
• Breach notification process defined (DPDPA requires notification to the Data Protection Board within 72 hours of a breach)
• Cross-border data transfer restrictions: personal data of Indian residents cannot be transferred to countries on a negative list to be notified by the Central Government

DPDPA compliance is currently treated as a disclosure item rather than a closing condition in most rounds because enforcement is pending. However, investors in consumer-facing or health data startups are increasingly requiring a compliance roadmap as a Condition Subsequent (a commitment to achieve compliance within a defined period post-investment). It is better to have a documented compliance programme than to raise it for the first time in the data room.

Litigation, notices, and regulatory actions

Every pending or threatened legal matter must be disclosed in the legal DD. The investor’s lawyer specifically reviews:

• Litigation initiated by or against the company in any court, tribunal, or arbitration forum, including the National Company Law Tribunal (NCLT) and consumer forums
• Notices from the Income Tax department, GST authorities, Enforcement Directorate (ED), and sector-specific regulators
• Labour disputes and claims filed before the Labour Commissioner or Industrial Tribunal
• Pending show-cause notices, even where no response has been filed
• Matters involving directors or promoters personally, even if not naming the company, where the outcome could affect their ability to act as directors under Section 164 of the Companies Act 2013
• Resolved matters within the last five years, including settlement agreements and consent orders

Materiality and disclosure strategy

Investors distinguish between material and non-material disputes based on financial exposure and reputational risk. A ₹2 lakh consumer forum complaint is not material. A ₹50 lakh tax demand under scrutiny assessment is. Founders should resist the instinct to omit smaller disputes on the assumption they are irrelevant. The investor’s representation and warranty clause in the SHA will cover all known disputes, and a dispute that surfaces post-closing that was not disclosed gives the investor grounds for indemnification.

The correct approach is to disclose everything and provide context. A clear one-page summary of each dispute with the current status, the company’s position, and the estimated maximum exposure demonstrates governance maturity, not legal weakness.

How legal DD findings become deal conditions

This is the mechanism most founders encounter for the first time mid-round, and it is the one that most determines your final deal terms.

The three categories of findings

Every finding in a legal DD memo is classified into one of three categories:

A Condition Precedent (CP) is something that must be fixed before the investor transfers funds. CPs appear in Clause 3 of a standard SHA or in the closing conditions section of the SSA. Common CPs include: filing missing Form FC-GPR, executing IP assignment agreements from founders or contractors, ratifying an ESOP scheme through a special resolution, constituting the ICC under the POSH Act, and registering trademarks in the company name. The investor will not transfer funds until every CP is satisfied or formally waived. Fixing CPs after the term sheet is signed adds four to eight weeks to the closing timeline in a typical transaction.

A Disclosure Item is a finding that the investor has accepted as part of the risk profile of the investment. It is entered into the Disclosure Schedule, which is attached to the SHA as a schedule. By disclosing an item, the founder ensures they are not in breach of the representation and warranty that covers that area. The Disclosure Schedule is negotiated: investors try to narrow what is disclosed, founders try to broaden it.

A Noted Risk is a finding that neither party treats as a blocker but that is reflected in the investment terms. A noted risk might result in a lower valuation, a larger warranty and indemnity clause covering the specific risk, or a requirement for insurance. Pending tax scrutiny assessments frequently end up as noted risks with an indemnity obligation on the founders.

What this means practically

A founder who has done an internal legal audit before the term sheet can identify which items will become CPs, fix them in advance, and negotiate from a cleaner position. The difference between a startup that opens a data room with complete documentation and one that opens it with gaps is not just time. It is the negotiating leverage that determines the final valuation and the scope of the warranty and indemnity clause.

Five legal DD red flags that restructure or kill rounds

Based on Treelife’s transaction experience, the following five findings are the ones most likely to result in a CP that delays closing, a valuation adjustment, or in the worst case a deal falling apart.

1. Cap table does not reconcile to PAS-3 filings

When the cap table in the data room does not match the allotment filings on MCA, the investor cannot determine who owns the company. This is almost always caused by ESOP grants that were authorised by the board but never converted through a proper allotment resolution and PAS-3 filing, or by an early angel investment that was received as a convertible but never formally converted. This is a deal-pausing finding.

2. IP ownership is in a founder’s name, not the company’s

Core technology built before incorporation, or by a co-founder who has since left, often sits in a personal name. If the company’s product is built on IP it does not legally own, the investor is buying equity in a company whose core asset belongs to someone else. Getting an assignment executed after the fact is possible but requires the cooperation of the person who owns the IP, which becomes very difficult if that person has left on bad terms.

3. Missing FC-GPR filings on prior foreign investment

As noted above, late or missing FC-GPR filings require a compounding application to the RBI. The compounding process typically takes three to six months and results in a monetary penalty. Investors at the new round carry this as a CP because the liability sits with the company. Running a compounding application in parallel with a funding round is expensive and disruptive.

4. ESOP scheme without shareholder approval

An ESOP pool that was set up by a board resolution alone, without the required special resolution under Section 62(1)(b), means that every option grant under that scheme is unauthorised. The fix requires calling an EGM, passing the special resolution, and filing MGT-14 with the MCA. If the company has employees who have been granted options and are mid-vesting cycle, this finding creates both a legal issue and an employee relations issue.

5. Undisclosed disputes or regulatory notices

Any dispute or notice that surfaces after the SHA is signed and was not in the Disclosure Schedule is a breach of the founder’s representation. Under a standard SHA, the investor can seek indemnification for the loss caused by the breach. In extreme cases, it gives the investor grounds to rescind the transaction. Founders who discover a dispute mid-DD should disclose it immediately and provide context, rather than hope it resolves before closing.

Case study

Situation: Seed-stage B2B SaaS startup based in Bengaluru. Two technical co-founders. Had raised ₹3.5 crore from three angel investors (two Indian, one NRI). Received a Series A term sheet from a mid-sized domestic VC at ₹80 crore pre-money valuation.

Challenge: FC-GPR for the NRI angel’s investment had never been filed. The NRI had invested through a CCPS structure in FY2022. ESOP scheme existed in a board resolution but had never gone to shareholders. IP assignment clause was missing from one co-founder’s founders’ agreement because the agreement was signed informally.

What Treelife did: Ran a pre-DD internal audit before opening the data room. Filed the late FC-GPR through the compounding route with the AD bank. Drafted and passed the ESOP special resolution at an EGM before the investor’s lawyers began their review. Executed a supplementary IP assignment with the co-founder.

Outcome: Data room opened 45 days after the term sheet. Legal DD completed in 22 days with zero Conditions Precedent. Round closed at the original valuation. Estimated time saved versus addressing CPs mid-DD: 8 to 10 weeks.

FAQs on Legal Due Diligence for Startups in India

Q: What documents do investors always request in legal DD regardless of stage?
A: Certificate of Incorporation, MOA/AOA, all board and shareholder resolutions, current cap table reconciled to PAS-3 filings, founders’ agreement with IP assignment, ESOP scheme document and all grant letters, key customer contracts, IP ownership documentation, and all FEMA filings. At seed stage this is typically 25 to 35 documents. At Series A it expands to 90 to 120.

Q: Does legal DD happen before or after the term sheet?
A: Full legal DD happens after the term sheet is signed and before definitive agreements are executed. A light preliminary scan often happens before the term sheet. However, founders should prepare for full legal DD before they begin fundraising, not after they receive the term sheet.

Q: What is the difference between a Condition Precedent and a representation and warranty?
A: A Condition Precedent is a specific action that must be completed before funds are transferred. A representation and warranty is a statement of fact made by the founder in the SHA that is confirmed to be true at the time of signing. Anything not disclosed in the Disclosure Schedule but covered by a representation and warranty creates an indemnification obligation if it turns out to be false.

Q: Is FEMA compliance checked even for fully Indian-invested startups?
A: If all investors are Indian residents investing Indian rupees, FEMA does not apply to the investment itself. However, FEMA becomes relevant if the company has any NRI, OCI, or foreign entity as an investor, or if it has made any payments to foreign vendors under specific instrument types. Most startups above seed stage have at least one non-resident investor.

Q: What happens if an FC-GPR was never filed for a past foreign investment?
A: The company must file a compounding application with the RBI through its AD bank under Section 15 of FEMA 1999. The compounding process takes three to six months and results in a monetary penalty that is calculated based on the amount of the contravention, duration of delay, and the company’s cooperation. The investor at the new round will typically make resolution of the compounding application a Condition Precedent.

Q: Can an ESOP scheme set up without a special resolution be ratified retrospectively?
A: Yes. The company must call an EGM, pass a special resolution under Section 62(1)(b) of the Companies Act 2013 ratifying the scheme, and file Form MGT-14 with the MCA within 30 days of the resolution. All existing grants remain valid after ratification. The ratification should be completed before the data room is opened to avoid the finding becoming a formal CP.

Q: Does DPDPA 2023 apply to startups during the current enforcement gap?
A: The DPDPA 2023 has been enacted. The Rules were notified in January 2025. Full enforcement is pending, but the law is in force and investors are already checking for basic compliance in Series A+ rounds, particularly for consumer-facing startups. Starting compliance preparation now avoids a rushed exercise when enforcement begins.

Q: What does a POSH Act ICC need to have to be compliant?
A: The ICC must have a minimum of four members: a presiding officer who is a woman employed at a senior level, two members from among employees, and one external member from an NGO or association committed to the cause of women or a person familiar with issues relating to sexual harassment. The external member must be present for the committee to be validly constituted. The committee’s annual report must be submitted to the District Officer by 31 January each year.

Q: How long does legal DD typically take at Series A?
A: Four to six weeks from data room opening to delivery of the legal DD memo, assuming the data room is well-organised and there are no significant gaps. Gap-ridden data rooms take six to ten weeks and sometimes longer if FEMA compounding or MCA filings need to be completed during the process.

Q: Is there a standard data room format for legal DD?
A: There is no single standard, but investors consistently expect the folder structure to mirror the DD workstreams: Corporate, Cap Table and Securities, Contracts, IP, Regulatory and Licences, FEMA and RBI, ESOP, Labour and HR, Data and Privacy, and Litigation. Each folder should have a document index. Version control and named access protocols (not open shareable links) are expected at Series A.

Q: What is the typical cost of a pre-DD legal audit?
A: This varies by the complexity of the company’s history, the number of prior funding rounds, and the number of jurisdictions involved. The cost is significantly lower than the value of the time and negotiating leverage lost by addressing CPs after the term sheet is signed.

Q: Does angel tax still apply in FY26?
A: Section 56(2)(viib) angel tax was removed for DPIIT-recognised startups from 01/04/2024 under the Finance Act 2024. For unrecognised startups, angel tax still applies on allotments to Indian resident investors where the issue price exceeds fair market value. Legacy allotments to Indian residents made before 01/04/2024 without a Rule 11UA valuation report remain a potential exposure even for DPIIT-recognised startups and should be reviewed before the data room opens.

Q: How does legal DD differ for a fundraising round versus an acquisition?
A: In a fundraising round, the investor takes a minority stake and the DD is focused on ownership clarity, governance, and risk. In an acquisition, the buyer assumes all liabilities and the DD scope expands significantly to cover every employee contract, all regulatory licences (including non-material ones), environmental history, and all vendor obligations. The Disclosure Schedule in an acquisition is typically ten times the length of a minority investment round.

Regulatory references:

• Companies Act 2013: Sections 4, 5, 39, 62, 85, 88, 89, 92, 117, 134, 164, 170
• Income Tax Act 1961: Sections 17(2)(vi), 56(2)(viib), 80-IAC, 192(1C); Rule 3(8), Rule 11UA
• Foreign Exchange Management Act (FEMA) 1999: Section 13, Section 15
• Foreign Exchange Management (Non-Debt Instruments) Rules 2019: Rule on FC-GPR (30-day filing), FC-TRS (60-day filing), FLA annual return (15 July deadline)
• Indian Contract Act 1872: Section 27 (restraint of trade)
• Trade Marks Act 1999: Sections 9, 13, 14
• Patents Act 1970: Sections 3, 48
• Copyright Act 1957: Sections 13, 14
• Prevention of Sexual Harassment of Women at Workplace (Prevention, Prohibition and Redressal) Act 2013: Sections 4, 21, 26
• Digital Personal Data Protection Act 2023
• Employees’ Provident Funds and Miscellaneous Provisions Act 1952: Section 7Q, Section 14B
• Employees’ State Insurance Act 1948
• Central Goods and Services Tax Act 2017
• Registration Act 1908
• Finance Act 2024 (angel tax amendment)

External sources:

• mca.gov.in (MCA21 filing portal, Companies Act 2013)
• rbi.org.in (FEMA, FC-GPR, FLA return guidelines)
• startupindia.gov.in (DPIIT recognition criteria, Section 80-IAC)
• ipindia.gov.in (trademark, patent, copyright registry)
• incometaxindia.gov.in (Section 56(2)(viib), Rule 11UA, Section 192(1C))